search

troglobit / pimd

PIM-SM/SSM multicast routing for UNIX and Linux
http://troglobit.com/projects/pimd/
BSD 3-Clause "New" or "Revised" License
194 stars 86 forks source link

PIM-SM over GRE and VPN config issue #200

Closed kkatsaros-dcat closed 2 years ago

kkatsaros-dcat commented 2 years ago

Hi,

I have been using the Linux distro of pimd (v 2.3.2) and my setup looks like this.

image

I have a host-A connecting over VPN to our Firewall which acts also as router with PIM-SM/IGMPv2 I have a GRE tunnel from Host-A over the VPN link (the gpd0 interface) to pass the multicast traffic terminating to the Firewall.

A second host-B (actually a VM in an openstack) is attached to the firewall through a switch. Both the tun1 and eth1/1120 interfaces in the firewall are part of the same virtual router and I can confirm unicast routing from one to the other.

[HOST-A]

$ ping -I gre1 10.100.120.7
PING 10.100.120.7 (10.100.120.7) from 10.100.125.2 gre1: 56(84) bytes of data.
64 bytes from 10.100.120.7: icmp_seq=1 ttl=63 time=19.9 ms
64 bytes from 10.100.120.7: icmp_seq=2 ttl=63 time=34.9 ms

[HOST-B]

ping -I ens3 10.100.125.2
PING 10.100.125.2 (10.100.125.2) from 10.100.120.7 ens3: 56(84) bytes of data.
64 bytes from 10.100.125.2: icmp_seq=1 ttl=63 time=107 ms
64 bytes from 10.100.125.2: icmp_seq=2 ttl=63 time=140 ms

PIM-SM is running on both hosts (pimd) and on the Firewall.

[HOST-A]

sudo pimd -r
Virtual Interface Table ======================================================
Vif  Local Address    Subnet              Thresh  Flags      Neighbors
---  ---------------  ------------------  ------  ---------  -----------------
  0  192.168.0.76     192.168                  1  DISABLED
  1  10.100.121.241   10.100.121.241/32      255  DR NO-NBR
  2  10.100.125.2     10.100.125/30          255  DR NO-NBR
  3  10.100.121.241   register_vif0            1

 Vif  SSM Group        Sources

Multicast Routing Table ======================================================
--------------------------------- (*,*,G) ------------------------------------
Number of Groups: 0
Number of Cache MIRRORs: 0
------------------------------------------------------------------------------

[HOST-B]

$ sudo pimd -r
Virtual Interface Table ======================================================
Vif  Local Address    Subnet              Thresh  Flags      Neighbors
---  ---------------  ------------------  ------  ---------  -----------------
  0  10.100.120.7     10.100.120/24            1  DR NO-NBR
  1  10.100.120.7     register_vif0            1

 Vif  SSM Group        Sources

Multicast Routing Table ======================================================
--------------------------------- (*,*,G) ------------------------------------
Number of Groups: 0
Number of Cache MIRRORs: 0
------------------------------------------------------------------------------

The RP is set up on the Firewall is 10.100.122.1 My pimd.conf config file looks like this

[HOST A]

default-route-distance 101
phyint wlan0 disable
phyint gre1 enable igmpv2 ttl-threshold 255
phyint gpd0 enable igmpv2 ttl-threshold 255
rp-candidate  gre1
                group-prefix 239.0.0.0/8
rp-address    10.100.122.1 239.0.0.0/8
spt-threshold packets 0 interval 100

[HOST B]

bsr-candidate priority 5
rp-candidate time 30 priority 20
group-prefix 239.0.0.0 masklen 8
rp-address 10.100.122.1 239.0.0.0/8
spt-threshold packets 0 interval 100

Firewall config image It has identified PIM neighbours image

I'm using mcjoin to test the multicast, with te sender in the HOST-B and receiver in HOST-A but with no luck.

                                                 mcjoin :: receiving multicast                                                    45s

dc5g (10.100.125.2@gre1) [Help | Toggle | Quit] Fri Sep 24 17:22:57 2021 Source,Group Plotter Rate Bytes Packets *,239.1.2.3 \ [ ] 0.0k 0.0k 0

Time Log Fri Sep 24 17:22:12 2021 Joining (,239.1.2.3) on gre1, ifindex: 14, sd: 5 Fri Sep 24 17:22:58 2021 ,239.1.2.3: invalid 0 delay 0 gaps 0 reorder 0 dupes 0 bytes 0 packets 0 Fri Sep 24 17:22:58 2021 Total: 0 packets Fri Sep 24 17:22:58 2021 Uptime: 46s

mcjoin :: sending multicast 14s 5gf-vm3 (10.100.120.7@ens3) [Help | Toggle | Quit] Fri Sep 24 16:22:59 2021 Source,Group Plotter Packets *,239.1.2.3 \ [...............................................................................................................] 141

Time Log Fri Sep 24 16:22:45 2021 Sending IPv4 multicast on ens3 addr, 10.100.120.7 ifindex: 2, sd: 5 Fri Sep 24 16:22:59 2021 *,239.1.2.3: invalid 0 delay 0 gaps 0 reorder 0 dupes 0 bytes 14100 packets 141 Fri Sep 24 16:22:59 2021 Total: 141 packets Fri Sep 24 16:22:59 2021 Uptime: 14s

My concern is if the pimd.comf is correctly created. I am not an expert in multicast to be honest. Any support would be appreciated.

troglobit commented 2 years ago

I'm not sure I understand your setup, and the report was quite hard to read. I tried to add some Markdown markup to fix things ...

From what I can see, HOST-A doesn't seem to find any PIM neighbors, so a bit hard to do some routing then. You don't show how you've set up your GRE tunnel, but I suspect you've forgot to set the MULTICAST interface flag. I actually wrote a blog post about this a few years ago that might be helpful. Please let me know if it works for you.

https://troglobit.com/2016/07/05/multicast-routing-with-pim-sm-over-gre/

Also, this is more of a support issue rather than bug report, so I'm moving this to Discussions.